IBM Engineering Requirements Management DOORS Next Comment Deletion Vulnerability

Vulnerability

A vulnerability in IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1.0 allows an authenticated user on the network to delete other users' comments. The issue arises from client-side enforcement of server-side security: the restriction is applied in the client instead of being checked by the server, which results in broken access control.
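An added example, not IBM's code and not taken from the advisory: a constructed in-memory comment store showing the flaw class described above, where the ownership rule exists only in the client, beside a handler that enforces it on the server. The users, roles, status codes and the owner-or-admin policy are assumptions made for illustration.

```javascript
// Constructed model; names, roles and policy are hypothetical, not DOORS Next internals.
const ROLES = new Map([["alice", "author"], ["bob", "author"], ["carol", "admin"]]);

function makeStore() {
  return new Map([
    [1, { id: 1, author: "alice", text: "Needs review" }],
    [2, { id: 2, author: "bob", text: "Approved" }],
  ]);
}

// Client-side rule: only decides whether the delete control is rendered.
function clientShowsDelete(sessionUser, comment) {
  return comment.author === sessionUser;
}

// Weak handler: authenticates the session but assumes the client already
// filtered what the user may delete, so any valid session can delete any id.
function deleteCommentClientTrusting(store, sessionUser, commentId) {
  if (!ROLES.has(sessionUser)) return { status: 401 };
  if (!store.has(commentId)) return { status: 404 };
  store.delete(commentId);
  return { status: 204 };
}

// Hardened handler: the server makes the ownership decision itself, from the
// authenticated session identity and the stored author, never from request data.
function deleteCommentServerEnforced(store, sessionUser, commentId, auditLog) {
  if (!ROLES.has(sessionUser)) return { status: 401 };
  const comment = store.get(commentId);
  if (!comment) return { status: 404 };
  const allowed = comment.author === sessionUser || ROLES.get(sessionUser) === "admin";
  auditLog.push({ actor: sessionUser, commentId, owner: comment.author, allowed });
  if (!allowed) return { status: 403 };
  store.delete(commentId);
  return { status: 204 };
}

// Sends the same request, one the UI would never have offered, to both handlers.
function demo() {
  const weak = makeStore(), hard = makeStore(), audit = [];
  return {
    buttonShownToBob: clientShowsDelete("bob", weak.get(1)),
    weakStatus: deleteCommentClientTrusting(weak, "bob", 1).status,
    weakStillHasComment: weak.has(1),
    hardStatus: deleteCommentServerEnforced(hard, "bob", 1, audit).status,
    hardStillHasComment: hard.has(1),
    denied: audit.filter((e) => !e.allowed),
  };
}
```

The audit entries recorded by the hardened handler, where the actor differs from the owner and the request was denied, are the kind of record a reviewer would look for when checking whether comments were removed by someone other than their author.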

Impact

Exploitation of this vulnerability allows for unauthorized deletion of user comments, potentially leading to loss of important information and disruption of communication within the application.

Remediation

Users of IBM Engineering Requirements Management DOORS Next 7.0.2 should install iFix 36. Users of version 7.0.3 should install iFix 19 or newer. Users of version 7.1.0 should install iFix 05 or newer.

Added: Oct 12, 2025, 2:21 PM
Updated: Oct 12, 2025, 2:21 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 0.6
exploitability: 3.5
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.